<?php
/**
 * @package		简易CMS
 * @subpackage	功能：评论处理
 * @version		$Id: option_comment.php 29 2013-05-07 06:45:56Z hopingsoft@gmail.com $
 * @author		Hoping
 * @copyright	Copyright (C) 2009 - 2010 Hoping Software Studio. All rights reserved.
 */

if (! defined ( 'IN_JYCMS' )) {
	exit ( 'Access Denied' );
}

define ( 'CURSCRIPT', 'comment' );

class comment_ctrl extends application {
	var $allowaction = array ('show', 'manage', 'requote' );
	function __construct() {
		$this->comment_ctrl ();
	}

	function comment_ctrl() {
		$this->cachelist = array ();
		parent::__construct ();
	}
	function onRequote() {
		global $_G, $category, $navtitle;

		$cid = intval ( $_GET ['cid'] );
		$comment = array ();
		if ($cid) {
			$query = DB::query ( "SELECT * FROM #__common_comment WHERE cid='$cid'" );
			$comment = DB::fetch ( $query );
		}
		if (! empty ( $comment ['message'] )) {

			include_once libfile ( 'class/bbcode' );
			$bbcode = & bbcode::instance ();
			$comment ['message'] = $bbcode->html2bbcode ( $comment ['message'] );
			$comment ['message'] = preg_replace ( "/\[quote\].*?\[\/quote\]/is", '', $comment ['message'] );
			$comment ['message'] = getstr ( $comment ['message'], 150, 0, 0, 2, - 1 );
		}
		include_once template ( "portalcp/comment" );
	}
	/**
	 * 评论管理
	 */
	function onManage() {
		global $_G, $category, $navtitle;

		$cid = intval ( $_GET ['cid'] );
		$comment = array ();
		if ($cid) {
			$query = DB::query ( "SELECT * FROM #__common_comment WHERE cid='$cid'" );
			$comment = DB::fetch ( $query );
		}
		if ($_GET ['op'] == 'edit') {

			if (empty ( $comment )) {
				showmessage ( 'To edit the comment does not exist' );
			}

			if (! $_G ['group'] ['allowmanagearticle'] && $_G ['uid'] != $comment ['uid'] && $_G ['adminid'] != 1 && $_G ['gp_modarticlecommentkey'] != modauthkey ( $comment ['cid'] )) {
				showmessage ( 'Your user group ({grouptitle}) can not be done.', NULL, array ('grouptitle' => $_G ['group'] ['grouptitle'] ), array ('login' => 1 ) );
			}

			if (submitcheck ( 'editsubmit' )) {
				$message = getstr ( $_POST ['message'], 0, 1, 1, 2 );
				if (strlen ( $message ) < 2)
					showmessage ( 'Enter the content of not less than two characters' );
				$message = censor ( $message );
				if (censormod ( $message )) {
					$comment_status = 1;
				} else {
					$comment_status = 0;
				}

				DB::update ( 'common_comment', array ('message' => $message, 'status' => $comment_status ), array ('cid' => $comment ['cid'] ) );

				showmessage ( 'The operation completed!', dreferer () );
			}

			include_once libfile ( 'class/bbcode' );
			$bbcode = & bbcode::instance ();
			$comment ['message'] = $bbcode->html2bbcode ( $comment ['message'] );

		} elseif ($_GET ['op'] == 'delete') {

			if (empty ( $comment )) {
				showmessage ( 'To delete a comment does not exist' );
			}

			if (! $_G ['group'] ['allowmanagearticle'] && $_G ['uid'] != $comment ['uid']) {
				if (! $_G ['uid']) {
					$sql = "SELECT postip FROM #__common_comment WHERE cid='$cid'";
					$postip = DB::result ( DB::query ( $sql ) );
					if ($postip != $_G ['clientip']) {
						showmessage ( 'Your user group ({grouptitle}) can not be done.', NULL, array ('grouptitle' => $_G ['group'] ['grouptitle'] ), array ('login' => 1 ) );
					}
				}

				showmessage ( 'Your user group ({grouptitle}) can not be done.', NULL, array ('grouptitle' => $_G ['group'] ['grouptitle'] ), array ('login' => 1 ) );
			}

			if (submitcheck ( 'deletesubmit' )) {
				DB::query ( "DELETE FROM #__common_comment WHERE cid='$cid'" );
				DB::query ( "UPDATE #__portal_article_title SET commentnum=commentnum+'-1' WHERE aid='$comment[aid]'" );
				showmessage ( 'The operation completed!', dreferer () );
			}

		}

		if (submitcheck ( 'commentsubmit', 0 )) {

			if (! checkperm ( 'allowcommentarticle' )) {
				showmessage ( 'Your user group ({grouptitle}) can not be done.', NULL, array ('grouptitle' => $_G ['group'] ['grouptitle'] ), array ('login' => 1 ) );
			}

			$aid = intval ( $_POST ['aid'] );

			$article = DB::fetch_first ( "SELECT * FROM #__portal_article_title WHERE aid='$aid'" );
			if (empty ( $article )) {
				showmessage ( "To comment on the article does not exist!" );
			}
			if ($article ['allowcomment'] != 1) {
				showmessage ( "The article does not allow comments!" );
			}

			require_once libfile ( 'function/member' );

			$waittime = interval_check ();
			if ($waittime > 0) {
				showmessage ( 'Issued two operating too fast, wait {waittime} seconds and try again', '', array ('waittime' => $waittime ), array ('return' => true ) );
			}
			$allowhtml = checkperm ( 'allowhtml' );

			$message = getstr ( $_POST ['message'], $_G ['group'] ['allowcommentarticle'], 1, 1, 1, $allowhtml ? 0 : - 1 );
			if (strlen ( $message ) < 2)
				showmessage ( 'Enter the content of not less than two characters' );
			$message = censor ( $message );
			if (censormod ( $message )) {
				$comment_status = 1;
			} else {
				$comment_status = 0;
			}
			if (! $_G ['uid']) {
				require_once libfile ( 'function/misc' );
				$username = trim($_POST['author']);
				if(!$username){
					$username = str_replace ( array (' ', '-' ), '', convertip ( $_G ['clientip'] ) ) . $_G ['group'] ['grouptitle'];
				}
				$email = trim($_POST['email']);
				$_G['username'] = $username;
				$_G['useremail'] = $email;
			}
			if(!$_G['useremail']){
				showmessage ( 'You must input email!' );
			}

			$setarr = array ('uid' => $_G ['uid'], 'email' => $_G['useremail'], 'username' => $_G ['username'], 'aid' => $aid, 'postip' => $_G ['clientip'], 'dateline' => $_G ['timestamp'], 'status' => $comment_status, 'message' => $message );
			updatecreditbyaction('comment', $_G['uid']);
			if($_G['uid']!=$article['uid']){
				//评论他人文章，则执行被评论得分
				updatecreditbyaction('getcomment', $article['uid']);
			}
			DB::insert ( 'common_comment', $setarr );

			DB::query ( "UPDATE #__portal_article_title SET commentnum=commentnum+1 WHERE aid='$aid'" );
			DB::update ( 'common_member', array ('lastpost' => $_G ['timestamp'] ), array ('uid' => $_G ['uid'] ) );
			showmessage ( 'The operation completed!', $_POST ['referer'] ? $_POST ['referer'] : "option=comment&task=show&quickforward=1&aid=$aid" );
		}

		include_once template ( "portalcp/comment" );

	}
	function onShow() {
		global $_G;
		$aid = empty ( $_GET ['aid'] ) ? 0 : intval ( $_GET ['aid'] );
		if (empty ( $aid )) {
			showmessage ( "To view the article did not specify the correct ID!" );
		}
		$aidtype = isset($_REQUEST['aidtype'])?trim($_REQUEST['aidtype']):'article';
		$article = DB::fetch_first ( "SELECT a.*
			FROM #__portal_article_title a
			WHERE a.aid='$aid'" );
		if (empty ( $article )) {
			showmessage ( "To view the article specified does not exist!" );
		} elseif (empty ( $article ['allowcomment'] )) {
			showmessage ( 'Commenting is closed for this article!' );
		}

		$perpage = 25;
		$page = intval ( $_GET ['page'] );
		if ($page < 1)
			$page = 1;
		$start = ($page - 1) * $perpage;

		$commentlist = array ();
		$multi = '';

		if ($article ['commentnum']) {
			$sqladd = '';
			$pricount = 0;
			$query = DB::query ( "SELECT * FROM #__common_comment WHERE aid='$aid' $sqladd ORDER BY cid DESC LIMIT $start,$perpage" );
			while ( $value = DB::fetch ( $query ) ) {
				if ($value ['status'] == 0 || $value ['uid'] == $_G ['uid'] || $_G ['adminid'] == 1) {
					$value ['allowop'] = 1;
					$commentlist [] = $value;
				} else {
					$pricount ++;
				}
			}
		}

		$multi = multi ( $article ['commentnum'], $perpage, $page, "option=comment&task=show&aid=$aid" );

		include_once template ( "diy:common/comment" );
	}
}
